Software Security Testing Services


IMQ Minded Security performs software security analysis in white box mode (Code Review) and black box mode (Zero Knowledge Testing).

The following are IMQ Minded Security’s Software Security Testing Services:

Manual Secure Code Review

the Code Review activity consists in the process of auditing the source code of an application to verify that proper security controls are present, that they work as intended and that they have been invoked in all the right places. We have a strong experience that permits us to evaluate software using our manual methodology and utilizing commercial and open source tools.

Advanced Web Application Penetration Testing (WAPT)

during an Advanced Web Application Penetration Test we test all the security controls implemented by the application to evaluate the security of the software with a black box approach. Then we give fixing support to our customers’ developers team.

Mobile Application Security Assessment

during a Mobile Application Security Assessment we test all the security controls implemented by the application to evaluate the security of the software with a black box approach. IMQ Minded Security performs Assessment of Mobile Applications for the Apple iOS, Android, Blackberry and Windows Mobile platforms.

Client Side Security Assessment

with a Client Side Security Assessment, IMQ Minded Security wants to offer to its customer the possibility to take advantage of the Blue Closure technology without the need of buying a license. Our consultants will scan your website using Blue Closure and manually investigate the results in order to identify false positives and true vulnerabilities.

Web Services Testing

in this case we have two actors: the Web services consumer and the Web services supplier. Web Services use XML messages via SOAP and every interaction can be modified. Web Services can result vulnerable to different type of attacks such as Data Validation attacks that test the XML parser vulnerabilities.

Internet of Things (IoT) Testing

Internet of Things (IoT) devices are changing the world we live in and the way we interact. The variety, heterogeneity and complexity of IoT systems require the support of high security standards. In this case scenario, IMQ Minded Security can assist you in the difficult process of identifying, testing and securing all the possible attack surfaces that IoT devices expose.

Check our

Services Testing.

Software flaws continue to be a key issue in the financial industry. Application Program Interface (API) economy and access-to-accounts (PSD2) are the big new trends: with ease of API integrations comes the difficult part of ensuring authentication and authorization. APIs are not web applications: APIs have unique logic, unique authentication and authorization mechanisms, and together […]

More info

Cloud Security Testing In house centralized, monolithic applications are being continuously substituted by applications split in microservices running in the cloud, whereas Cloud services can be Infrastructure/Platform/Software (I/P/SaaS).  Each type of service requires different kinds of security analysis consisting of a mixture of architecture design, configuration, information flow, operations and software implementation.  IMQ Minded Security […]

More info

Internet of Things (IoT) Security Thanks to the diversified skills of its consultants and a wide range of services that we offer, we are able to support customers during the evaluation of their IoT infrastructure, perform all necessary tests to find and validate potentially security vulnerabilities and then prioritize detected issues in order to fix […]

More info

Get a security assessment on your applications with an advanced support to fix the vulnerabilities fund during the test.

More info

Verify the security of your Mobile Applications with a Mobile Security Assessment.

More info

Probably the single-most effective technique for identifying security flaws in your code.

More info

Take advantage of the best way to scan and analyze complex enterprise portals with rich JavaScript content, without the need of buying a license.

More info